OVMSA-2021-0013 - bind security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2021-04-27 |
Description
[32:9.8.2-0.68.rc1.0.1.8]
- Backport the fix for buffer overflow (CVE-2020-8625) (Orabug: 32588749)
[32:9.8.2-0.68.rc1.8]
- Fix tsig-request verify (CVE-2020-8622)
[32:9.8.2-0.68.rc1.7]
- Correct tests covering CVE-2020-8617
[32:9.8.2-0.68.rc1.6]
- Add additional fix to limit recursions
[32:9.8.2-0.68.rc1.5]
- Add CVE tests to codebase
[32:9.8.2-0.68.rc1.4]
- Limit number of queries triggered by a request (CVE-2020-8616)
- Fix invalid tsig request (CVE-2020-8617)
[32:9.8.2-0.68.rc1.3]
- Use only selected documentation files
[32:9.8.2-0.68.rc1.2]
- Fix CVE-2018-5743
[32:9.8.2-0.68.rc1.1]
- Fix CVE-2018-5740
[32:9.8.2-0.68.rc1]
- Fix CVE-2017-3145
[32:9.8.2-0.67.rc1]
- Change EDNS flags only after successful query (#1416035)
- Fix crash in ldap driver at bind-sdb stop (#1426626)
[32:9.8.2-0.66.rc1]
- Fix CVE-2017-3142 and CVE-2017-3143
[32:9.8.2-0.65.rc1]
- Update root servers and trust anchors
[32:9.8.2-0.64.rc1]
- Fix DNSKEY that encountered a CNAME (#1447872, ISC change 3391)
[32:9.8.2-0.63.rc1]
- Fix CVE-2017-3136 (ISC change 4575)
- Fix CVE-2017-3137 (ISC change 4578)
[32:9.8.2-0.62.rc1]
- Fix and test caching CNAME before DNAME (ISC change 4558)
[32:9.8.2-0.61.rc1]
- Fix CVE-2016-9147 (ISC change 4510)
- Fix regression introduced by CVE-2016-8864 (ISC change 4530)
[32:9.8.2-0.60.rc1]
- Restore SELinux contexts before named restart
[32:9.8.2-0.59.rc1]
- Use /lib or /lib64 only if directory in chroot already exists
- Tighten NSS library pattern, escape chroot mount path
[32:9.8.2-0.58.rc1]
- Fix CVE-2016-8864
[32:9.8.2-0.57.rc1]
- Do not change lib permissions in chroot (#1321239)
- Support WKS records in chroot (#1297562)
[32:9.8.2-0.56.rc1]
- Do not include patch backup in docs (fixes #1325081 patch)
[32:9.8.2-0.55.rc1]
- Backported relevant parts of [RT #39567] (#1259923)
[32:9.8.2-0.54.rc1]
- Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283)
[32:9.8.2-0.53.rc1]
- Fix multiple realms in nsupdate script like upstream (#1313286)
[32:9.8.2-0.52.rc1]
- Fix multiple realm in nsupdate script (#1313286)
[32:9.8.2-0.51.rc1]
- Use resolver-query-timeout high enough to recover all forwarders (#1325081)
[32:9.8.2-0.50.rc1]
- Fix CVE-2016-2848
[32:9.8.2-0.49.rc1]
- Fix infinite loop in start_lookup (#1306504)
[32:9.8.2-0.48.rc1]
- Fix CVE-2016-2776
[32:9.8.2-0.47.rc1]
- Fix CVE-2016-1285 and CVE-2016-1286
[32:9.8.2-0.46.rc1]
- Fix CVE-2015-8704
[32:9.8.2-0.45.rc1]
- Updated named.ca hints file to the latest version (#1267991)
[32:9.8.2-0.44.rc1]
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3 (x86_64) | bind-9.8.2-0.68.rc1.0.1.el6_10.8.src.rpm | 4a2e1f1ab589dc90ad7f4238ae5c49d0 | OVMSA-2021-0015 |
| bind-libs-9.8.2-0.68.rc1.0.1.el6_10.8.x86_64.rpm | 951d058dad606b80a09505120abbe571 | OVMSA-2021-0015 |
| bind-utils-9.8.2-0.68.rc1.0.1.el6_10.8.x86_64.rpm | f9a2cc8123b26478dd2ed0b7b3ba88c4 | OVMSA-2021-0015 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
